<?php
namespace Home\Controller;
//use Think\Controller;
class UserController extends BaseController {
	//系统管理页
	public function index() {
		$username = $_SESSION["username"];
		$m = M("member");
		$result = $m -> where("username='$username'") -> find();
		$this -> assign('result', $result);
		if (IS_POST) {
			if ($_POST["user"] == "exit") {
				session_destroy();
				$this->redirect("/home/index/login");
			}
		} else if (IS_GET) {
			$this -> display();
		}
	}
	//	   权限管理页
	public function auth() {
		if (IS_POST) {
			if ($_POST["user"] == "exit") {
				session_destroy();
				$this->redirect("/home/index/login");
			}
		}
		if ($_SESSION["username"]) {
			$username = $_SESSION["username"];
			$m = M("member");
			$res = $m -> where("username='{$username}'") -> select();
			$id = $res[0]["id"];
			$ret = $m -> find($id);
			$this -> assign('ret', $ret);
			if (count($res) > 0) {
				$this -> display();
			}
		}
	}
	//个人信息页
public function info() {
		$m = M("member");
		$username = $_SESSION["username"];
		if (IS_GET) {
			$res = $m -> where("username='{$username}'") -> select();
			$id = $res[0]["id"];
			$ret = $m -> find($id);
			$this -> assign('ret', $ret);
			if (count($res) > 0) {
				$this -> display();
			}
		}
		if (IS_POST) {
			if ($_POST["user"] == "exit") {
				session_destroy();
				$this->redirect("/home/index/login");
			}
			if ($m -> create()) {
				$result = $m -> where("username='{$username}'") -> save();
				$obj = (object) array();
				$obj -> code = 0;
				$obj -> message = "修改成功";
				if ($result) {
					$this -> ajaxReturn($obj);
				}
			} else {
				$obj = (object) array();
				$obj -> code = 101;
				$obj -> message = "修改失败";
				$this -> ajaxReturn($obj);
			}
		}
	}
		//修改密码
	public function updatePwd() {
		$m = M("member");
		$username = $_SESSION["username"];
		if (IS_GET) {
			$res = $m -> where("username='{$username}'") -> select();
			$id = $res[0]["id"];
			$ret = $m -> find($id);
			$this -> assign('ret', $ret);
			if (count($res) > 0) {
				//	 	echo $ret;
				$this -> display();
			}
		}
		if (IS_POST) {
			if ($_POST["user"] == "exit") {
				session_destroy();
				$this->redirect("/home/index/login");
			}
				$Password=md5($_POST["repassword"]);
				$result=$m->where("username='{$username}'")->setField("password",$Password);
				if ($result) {
				$obj = (object) array();
				$obj ->code = 0;
				$obj ->cg =$Password;
				$obj -> message = "修改成功";
					$this -> ajaxReturn($obj);
				} else {
				$obj = (object) array();
				$obj -> code = 101;
				$obj -> message = "修改失败";
				$this -> ajaxReturn($obj);
			}
		}
	}
	//用户列表页
	public function items() {
		if (IS_POST) {
			if ($_POST["user"] == "exit") {
				session_destroy();
				$this->redirect("/home/index/login");
			}
		}
		if ($_SESSION["username"]) {
			$username = $_SESSION["username"];
			$m = M("member");
			$res = $m -> where("username='{$username}'") -> select();
			$id = $res[0]["id"];
			$ret = $m -> find($id);
			$this -> assign('ret', $ret);
			if (count($res) > 0) {
				//	 	echo $ret;
				$this -> display();
			}
		}
	}
	//角色管理页
	public function role() {
		if (IS_POST) {
			if ($_POST["user"] == "exit") {
				session_destroy();
				$this->redirect("/home/index/login");
			}
		}
		if ($_SESSION["username"]) {
			$username = $_SESSION["username"];
			$m = M("member");
			$res = $m -> where("username='{$username}'") -> select();
			$id = $res[0]["id"];
			$ret = $m -> find($id);
			$this -> assign('ret', $ret);
			if (count($res) > 0) {
				//	 	echo $ret;
				$this -> display();
			}
		} else {
			$this -> display();
		}
	}
	//查询数据库
	public function serverdb() {
		$columnindex = $_GET['order'][0]['column'];
		$dir = $_GET['order'][0]['dir'];
		$start = $_GET['start'];
		$length = $_GET['length'];
		$search = $_GET['search']['value'];
		$m = M('member');
		if ($columnindex == 1) {
			$column = "username";
		} else if ($columnindex == 2) {
			$column = "nickname";
		} else if ($columnindex == 3) {
			$column = "address";
		} else if ($columnindex == 4) {
			$column = "phone";
		}
		$res = $m -> where("username like '%{$search}%' or nickname like '%{$search}%' or address like '%{$search}%' or phone like  '%{$search}%'") -> field('username,nickname,address,phone') -> order($column, $dir) -> limit($start, $length) -> select();
		$obj = (object) array();
		$ret -> data = array();
		$ret -> draw = $_GET['draw'];
		$ret -> search = $search;
		for ($i = 0; $i < count($res); $i++) {
			$ret -> data[] = array($i + 1, $res[$i]["username"], $res[$i]["nickname"], $res[$i]["address"], $res[$i]["phone"], "<button type='button' class='btn btn-default btn-sm'>查看</button><button type='button' class='btn btn-default btn-sm'>删除</button><button type='button' class='btn btn-default btn-sm'>编辑</button>");
		}
		$sum = count($m -> select());
		$num = count($res);
		$ret -> recordsFiltered = $num;
		$ret -> recordsTotal = $sum;
		$this -> ajaxReturn($ret);
	}
	//加载用户列表数据
	public function serverdblist() {
		$columnindex = $_GET['order'][0]['column'];
		$dir = $_GET['order'][0]['dir'];
		$start = $_GET['start'];
		$length = $_GET['length'];
		$search = $_GET['search']['value'];
		$m = M('member');
		if ($columnindex == 1) {
			$column = "username";
		} else if ($columnindex == 2) {
			$column = "nickname";
		} else if ($columnindex == 3) {
			$column = "address";
		} else if ($columnindex == 4) {
			$column = "phone";
		}
		$res = $m -> where(" username   like '%{$search}%' or nickname like '%{$search}%' or address like '%{$search}%' or phone like  '%{$search}%' or work like  '%{$search}%' or role like  '%{$search}%' or birthday like  '%{$search}%'") -> field('username,nickname,address,phone,work,role,birthday') -> order($column, $dir) -> limit($start, $length) -> select();
		$obj = (object) array();
		$ret -> data = array();
		$ret -> draw = $_GET['draw'];
		$ret -> search = $search;
		for ($i = 0; $i < count($res); $i++) {
			$ret -> data[] = array($i + 1, $res[$i]["username"], $res[$i]["nickname"], $res[$i]["address"], $res[$i]["phone"], $res[$i]["work"], $res[$i]["role"], $res[$i]["birthday"], "<button type='button' class='btn btn-default btn-sm '  data-toggle='modal' data-target='#modal-update' name='edit1'>编辑</button><button type='button' class='btn btn-default btn-sm'   data-toggle='modal' data-target='#modal-del' name='del1'>删除</button>");
		}
		$sum = count($m -> select());
		$num = count($res);
		$ret -> recordsFiltered = $num;
		$ret -> recordsTotal = $sum;
		$this -> ajaxReturn($ret);
	}
	//查找用户最大id
	public function bigger() {
		$m = M("member");
		$res = $m -> field("MAX(id)  as id ") -> find();
		$this -> ajaxReturn($res);
	}
	//添加用户（用户列表页）
	public function tianjia() {
		$username = $_POST['username'];
		$Form = D('member');
		$user = $Form -> field("username") -> where("username='{$username}'") -> find();
		if ($user) {
			 $obj=(object)array();
					$obj->code=10;
					$obj->msg="该角色已存在，请勿重复添加！";
		$this -> ajaxReturn($obj);
		} else {
			if ($Form -> create()) {
				$result = $Form -> add();
			}
		}
		$auth_grou_aces = D('auth_group_access');
		if ($auth_grou_aces -> create()) {
			$result = $auth_grou_aces -> add();
			if ($result) {
				$obj=(object)array();
					$obj->code=0;
					$obj->msg="添加成功！";
		$this -> ajaxReturn($obj);
			} else {
				$obj->code=0;
					$obj->msg="添加失败！";
		$this -> ajaxReturn($obj);
			}
		}
	}
	//查询存在角色（用户列表页-新增）
	public function loadrole() {
		$m = M("auth_group");
		$res = $m -> field("title") -> select();
		$this -> ajaxReturn($res);
	}
	//编辑（用户列表页）
	public function genxin() {
		if (IS_POST) {
			$username = $_REQUEST["username-edit"];
			$Form = M('member');
			if ($Form -> create()) {
				$result = $Form -> where("username='{$username}'") -> save();
				if ($result) {
					$obj=(object)array();
					$obj->code=0;
					$obj->msg="编辑成功！";
		$this -> ajaxReturn($obj);
				} else {
					$obj=(object)array();
					$obj->code=101;
					$obj->msg="编辑失败！";
		$this -> ajaxReturn($obj);
				}
			} else {
				$this -> error($Form -> getError());
			}
		}
	}
	//删除用户
	public function delete() {
		if (IS_PSOT) {
			$Form = M("member");
			$username = $_REQUEST["username-del"];
			if ($username == "刘一") {
				$this -> success('该用户不可删！');
			} else {
				$result = $Form -> where("username='{$username}'") -> delete();
				if ($result) {
					$obj=(object)array();
					$obj->code=0;
					$obj->msg="删除成功！";
		$this -> ajaxReturn($obj);
				} else {
					$obj=(object)array();
					$obj->code=101;
					$obj->msg="删除失败！";
		$this -> ajaxReturn($obj);
				}
			}
		}
	}
	//从数据库获取用户身份
	public function rolelist() {
		$columnindex = $_GET['order'][0]['column'];
		$dir = $_GET['order'][0]['dir'];
		$start = $_GET['start'];
		$length = $_GET['length'];
		$search = $_GET['search']['value'];
		$m = M("auth_group");
		if ($columnindex == 1) {
			$column = "title";
		};
		$res = $m -> where("title like '%{$search}%' or id like '%{$search}%'") -> field('title,id') -> order($column, $dir) -> limit($start, $length) -> select();
		$obj = (object) array();
		$ret -> data = array();
		$ret -> draw = $_GET['draw'];
		$ret -> search = $search;
		for ($i = 0; $i < count($res); $i++) {
			$ret -> data[] = array($i + 1, $res[$i]["title"], "是", "<button type='button'  class='btn btn-default btn-sm'   style='display:none'></button><button type='button' class='btn btn-default btn-sm'    data-toggle='modal' data-target='#modal-del' id='roledel'  data-id='" . $res[$i]['id'] . "'> 删除</button>");
		}
		$sum = count($m -> select());
		$num = count($res);
		$ret -> recordsFiltered = $num;
		$ret -> recordsTotal = $sum;
		$this -> ajaxReturn($ret);
	}
	//角色对应（权限管理页）
	public function authlist() {
		$columnindex = $_GET['order'][0]['column'];
		$dir = $_GET['order'][0]['dir'];
		$start = $_GET['start'];
		$length = $_GET['length'];
		$search = $_GET['search']['value'];
		$m = M("auth_group");
		if ($columnindex == 1) {
			$column = "title";
		};
		$res = $m -> where("title like '%{$search}%' or id like '%{$search}%'") -> field('title,id') -> order($column, $dir) -> limit($start, $length) -> select();
		$obj = (object) array();
		$ret -> data = array();
		$ret -> draw = $_GET['draw'];
		$ret -> search = $search;
		for ($i = 0; $i < count($res); $i++) {
			$ret -> data[] = array($i + 1, $res[$i]["title"], "是", "<button type='button'  class='btn btn-default btn-sm'   style='display:none'></button><button type='button' class='btn btn-default btn-sm'    data-toggle='modal' data-target='#role-default-edit'  id='roleadd'  data-id='" . $res[$i]['id'] . "'>添加权限</button>");
		}
		$sum = count($m -> select());
		$num = count($res);
		$ret -> recordsFiltered = $num;
		$ret -> recordsTotal = $sum;
		$this -> ajaxReturn($ret);
	}
	//查找指定角色用户
	public function search() {
		$id = $_POST["id"];
		$access = M("auth_group_access");
		$uid = $access -> field("uid") -> where("group_id=3") -> select();
		$m = M("member");
		$res = $m -> field("username,role") -> join("think_auth_group_access on think_auth_group_access.uid=think_member.id ") -> where("group_id=" . $id) -> select();
		$this -> ajaxReturn($res);
	}
	//添加新角色
	public function newrole() {
		$Form = D('auth_group');
		if(IS_POST){
			$title = $_POST["title"];
		$res = $Form -> where("title='{$title}'") -> select();
		if ($res) {
//			$this -> success('该角色已存在，请勿重复添加！');
                $obj=(object)array();
					$obj->code=10;
					$obj->msg="该角色已存在，请勿重复添加！";
		$this -> ajaxReturn($obj);
		} else {
			if ($Form -> create()) {
				$result = $Form -> add();
				if ($result) {
					$obj=(object)array();
					$obj->code=0;
					$obj->msg="角色添加成功！";
		$this -> ajaxReturn($obj);
				} else {
					$obj=(object)array();
					$obj->code=101;
					$obj->msg="删除失败！";
		$this -> ajaxReturn($obj);
				}
			} else {
				$this -> error($Form -> getError());
			}
		}
		}
	}
	//删除角色
	public function role_delete() {
		if (IS_PSOT) {
			$title = $_POST["username-del"];
			$Form = D("auth_group");
			$res = $Form -> field("title") -> where("title='{$title}'") -> select();
			if ($res[0]["title"] == "超级管理员" || $res[0]["title"] == "管理员" || $res[0]["title"] == "普通用户") {
				$obj=(object)array();
					$obj->code=10;
					$obj->msg="该角色不可删！";
		$this -> ajaxReturn($obj);
			} else {
				$result = $Form -> where("title='{$title}'") -> delete();
				if ($result) {
					$obj=(object)array();
					$obj->code=0;
					$obj->msg="角色删除成功！";
		$this -> ajaxReturn($obj);
				} else {
					$obj=(object)array();
					$obj->code=101;
					$obj->msg="删除失败！";
		$this -> ajaxReturn($obj);
				}
			}
		}
	}
	//权限详细信息
	public function roledetail() {
		//身份id
		$id = $_POST["id"];
		$access = M("auth_group");
		$group = $access -> field("rules") -> where("id=" . $id) -> find();
		$rule = M("auth_rule");
		$userRules = $rule -> where("id in (" . $group["rules"] . ")") -> select();
		$this -> ajaxReturn($userRules);
	}
	//删除权限
	public function rules_delete() {
		//删除id
		$id = $_POST["id"];
		//级别id
		$master = $_POST["master"];
		$m = M("auth_group");
		$ru = "";
		for ($i = 0; $i < count($id); $i++) {
			if ($i < count($id) - 1) {
				$ru .= $id[$i] . ",";
			} else {
				$ru .= $id[$i];
			}
		}
		$res = $m -> where("id={$master}") -> setField("rules", "{$ru}");
		$this -> ajaxReturn($res);
	}
	//查询用户没有的权限
	public function loadrule() {
		$master = $_POST["master"];
		$group = M("auth_group");
		$rule = M("auth_rule");
		$rules = $group -> field("rules") -> where("id=" . $master) -> find();
		$res = $rule -> where("id not in(" . $rules["rules"] . ")") -> select();
		$this -> ajaxReturn($res);
	}
	//添加权限
	public function addrule() {
		$group = M("auth_group");
		$rule = M("auth_rule");
		$id = $_POST["id"];
		$ruleid = $_POST["thisid"];
		$rules = $group -> field("rules") -> where("id=" . $id) -> find();
		$ch = $rules["rules"] . "," . $ruleid;
		$res = $group -> where("id={$id}") -> setField("rules", "{$ch}");
	}
}
